Researchers at F-Secure have discovered a Mac OS X malware file masquerading as a PDF file to lure users into installing a backdoor trojan.
The malware, flagged as a trojan dropper, installs a downloader component that downloads a backdoor program onto the system, while camouflaging its activity by opening a PDF file to distract the user.
According to F-Secure, the PDF file contains Chinese-language text related to political issues, which some users may find offensive.
Once installed, the trojan dropper installs a backdoor program that gives a hacker full control of the infected Mac OS X machine.
The backdoor typically contacts a remote server for instructions and can be used to steal files or capture a screenshot of the infected computer system, which is then forwarded to the remote server.
F-Secure reports that the malware's command-and-control server is just a bare Apache installation that is not yet capable of communicating with the backdoor.
Article source: http://www.zdnet.com/blog/security/researchers-find-mac-os-x-malware-posing-as-pdf-file/9451